Understanding High Security Networks

This topic will introduce you to the functions and features of high-security networks and the types of hardware devices and software tools required to maintain them. We will also discuss the industry standards and compliance requirements for assessing hardware and software quality in high-security networks.

In this topic, you will learn the following.

• Network hardware and peripherals
• Network systems and software
• Hardware and software quality standards

Let us begin.

High-security networks are specialised infrastructures that safeguard sensitive information and critical assets from unauthorised access, data breaches, and cyber threats. These networks are commonly found in industries such as government, defence, finance, healthcare, and research, where confidentiality, integrity, and availability of data are paramount.

The following video provides an overview of the characteristics of secure networks, their functions and features.

Maintaining high-security networks is crucial to safeguarding sensitive data, protecting against cyber threats, and preserving business continuity. It reduces the risk of data breaches, financial losses, and reputational damage. High-security networks ensure compliance with regulations and build trust among customers and stakeholders. Proactive security measures mitigate the impact of evolving cyber threats, ensuring the resilience and integrity of organisational operations.

Basic Networking Hardware

In any organisation, the core network infrastructure comprises fundamental hardware devices and peripherals such as routers, switches and firewalls. Therefore, it is important to understand the setup of the fundamental networking hardware devices that make up an organisation’s network.

The following video discusses the basic network hardware and peripherals a typical network technician would encounter. Pay attention to the common industry terms and familiarise with the industry jargon used in the discussion.

It is important to note that the integration and configuration of these hardware components play a critical role in creating a cohesive and secure network infrastructure. Regular maintenance, updates, and monitoring are also essential to ensure the ongoing effectiveness of the high-security network.

Advanced Security Devices

A high-security network relies on a robust infrastructure of hardware devices and peripherals to safeguard sensitive data and prevent unauthorised access. These include firewalls, encryption devices, biometric scanners, secure routers, and intrusion detection systems. Each component plays a vital role in fortifying the network against potential threats and ensuring data integrity.

The following video discusses some of the advanced networking hardware, their features and functions.

Hardware Security Modules

Hardware Security Modules (HSMs) are indispensable components in high-security networks, providing a dedicated hardware-based approach to safeguarding cryptographic keys and performing secure cryptographic operations. With tamper-resistant design and stringent access controls, HSMs ensure the integrity and confidentiality of sensitive data, offering paramount protection against sophisticated cyber threats.

The following video discusses hardware security modules, their functionality and features.

Knowledge Check

Complete the following three (3) activities to check your understanding of the network hardware and peripherals discussed in this topic. You may repeat this activity as often as you like. Use the arrows to move between the different activities.

In high-security networks, network operating systems (NOS) and software are pivotal in managing and securing network operations. These systems offer robust authentication, encryption, and access control mechanisms, ensuring data confidentiality and integrity. Continuous monitoring and updates fortify defences against evolving cyber threats, maintaining network resilience.

Understanding Operating Systems

Operating systems (OS) are crucial software that manage computer hardware and software resources. Therefore, understanding operating systems is crucial for maintaining high-security networks. Knowledge of OS vulnerabilities and patch management ensures timely updates to mitigate potential exploits.

The operating systems used to manage network resources are known as Network Operating Systems (NOS) and are used to facilitate communication and data exchange among interconnected devices. Examples include Windows Server, which facilitates centralised user management and file sharing, and Linux distributions like Ubuntu Server, renowned for stability and customisation. NOS play pivotal roles in modern network infrastructures, ensuring efficient and secure operations.

The following video will introduce you to different types of operating systems found in the modern enterprise.

CLI vs. GUI

The Command-Line Interface (CLI) and Graphical User Interface (GUI) are two distinct types of interfaces used for maintaining high-security networks, each with its own set of functions and features.

In high-security network maintenance, the choice between CLI and GUI often depends on the specific needs, preferences, and expertise of the administrators. While CLI excels in efficiency, automation, and resource conservation, GUI offers a more user-friendly approach with visual aids for better understanding and management of security settings. Many network administrators utilise a combination of both interfaces based on the task at hand and their specific requirements.

The following video discusses the features and functions when using Command-Line Interface (CLI) vs. the use of Graphical User Interface (GUI) to perform operations in Linux operating systems.

Access the following TechTarget article What are the advantages and disadvantages of CLI and GUI? to learn more.

Network security software

In secure networks, the choice of software systems is critical to implementing various security measures, managing network operations, and ensuring the integrity and confidentiality of data. The specific software components can vary based on the organisation's needs, industry requirements, and the nature of the data being protected.

Organisations often use a combination of software tools as part of a comprehensive cybersecurity strategy to recognise and respond to security threats.

Let's explore some of examples of threat data recognition software tools.

Wireshark

Wireshark is a network protocol analyser that captures and inspects network traffic in real-time. It allows you to capture packets traversing the network, whether wired or wireless. When suspicious traffic is detected, Wireshark allows you to drill down into packet details to understand the nature of the threat. This information is valuable for incident response and forensic analysis.

The following video demonstrates how Wireshark can identify various threat data.

Antivirus and antimalware software

Antivirus and anti-malware software is specifically designed to detect and remove malicious software, including viruses, trojans, ransomware, and spyware.

The following video demonstrates how to use antivirus software to identify threat data.

NetFlow

NetFlow is a network protocol for collecting and recording network traffic flow information. It aggregates data about network conversations and their characteristics. NetFlow data provides a high-level overview of network traffic, which is useful for identifying potential threats.

Explore the NetFlow Analyser live demo.

NetFlow data can be used for real-time monitoring and alerting. Security Information and Event Management (SIEM) systems often integrate NetFlow data to enhance threat detection and correlation. The following video explains the types of data that NetFlow can collect, store and interpret.

Hardware Quality Standards

When evaluating hardware quality standards in high security networks, several considerations are paramount.

• Reliability: Hardware should be robust enough to withstand continuous operation without failure, minimising downtime and vulnerabilities.
• Compatibility: It is important to ensure seamless integration of the hardware with existing network infrastructure and security protocols.
• Security features: Hardware should incorporate encryption capabilities, secure boot mechanisms, and firmware update procedures to mitigate risks such as unauthorised access and data breaches. Moreover, considerations for physical security, such as tamper-resistant enclosures and environmental resilience, safeguard against unauthorised access and environmental hazards.
• Scalability: This is vital for accommodating growth and evolving security requirements, enabling networks to adapt to changing threats and organisational needs efficiently.
• Vendor reputation and support services: Choosing reputable vendors with a track record of delivering high-quality, secure hardware ensures ongoing support and timely updates to address emerging threats and vulnerabilities.

By prioritising these considerations, organisations can deploy and maintain security networks that effectively protect sensitive data and critical assets.

Hardware Quality Requirements

When assessing the quality standards of hardware and peripherals one should ensure compliance with the following standards and requirements.

• Industry standards and certifications, such as ISO 27001 or NIST guidelines, which demonstrates a commitment to security best practices.
• Quality standards, benchmarks and testing requirements relevant to equipment and peripheral use. For example:
  • Australian cabling standards | ACMA
  • Ethernet Compliance Testing | Granite River Labs
  • Guidelines for ICT Equipment | Cyber.gov.au
• Specific organisational policies and procedures that outline the required quality standards.
• Relevant WHS standards for using and safe handling of equipment associated with appropriate codes of practice.

Software Quality Standards

Evaluating software quality standards for maintaining security networks involves several critical considerations.

• Security features and protocols within the software: The software should offer robust encryption methods, authentication mechanisms, access controls, and secure communication protocols to protect sensitive data and prevent unauthorised access.
• Compatibility and interoperability: Software should seamlessly integrate with existing network infrastructure and security solutions, ensuring smooth operation without introducing vulnerabilities or conflicts. It's essential to assess whether the software adheres to industry standards such as NIST guidelines to guarantee a high level of security and reliability.
• Access to regular software updates and patches and vendor support: The vendor's commitment to providing timely updates and ongoing support is critical for addressing newly discovered vulnerabilities and emerging threats.
• Performance and scalability: This ensures that the software can handle the demands of growing networks and evolving security requirements effectively.
• Usability and user experience: This is important as intuitive interfaces and clear documentation contribute to efficient security management and incident response.
• Reputation and track record of the software vendor: Assessing vendor reputation including their responsiveness to security incidents and commitment to addressing customer concerns, is essential for making informed decisions about software quality and reliability in security network maintenance.

Software Quality Requirements

When assessing the quality standards of software one should ensure compliance with the following standards and requirements.

• Industry standards and regulations for software licensing, version control, security protocols and data encryption practices.
• Quality standards, benchmarks and testing requirements relevant to software functions, features and performance.
• Specific organisational policies and procedures that outline the required quality standards for software.

Key considerations when conducting quality assessments

When confirming a work brief related to conducting hardware and/or software tasks, several key considerations should be taken into account to ensure successful completion:

• Understanding requirements: Carefully review the work brief to understand the specific hardware and software tasks required. This involves clarifying the scope of work, desired outcomes, and any constraints or limitations.
• Technical specifications: Confirm the technical specifications of the hardware and software involved in the task. This includes understanding compatibility requirements, system configurations, and any specialised tools or software needed for the job.
• Resource allocation: Assess the availability of resources necessary to complete the work brief, including hardware components, software licenses, and skilled personnel. Allocate resources accordingly to avoid delays or shortages during the execution phase.
• Risk assessment: Conduct a thorough risk assessment to identify potential hazards or challenges associated with the hardware and software tasks. This may involve considering factors such as Work Health and Safety concerns, data security risks, compatibility issues, and potential disruptions to operations.
• Compliance and standards: Ensure that the planned hardware and/or software tasks adhere to relevant industry standards for assuring software/hardware quality, regulatory requirements, and organisational policies. This includes considerations such as data privacy regulations, software licensing agreements, and health and safety guidelines.
• Timeline and milestones: Establish a realistic timeline for completing the hardware and software tasks, taking into account factors such as task complexity, resource availability, and project dependencies. Set clear milestones to track progress and ensure timely delivery.
• Communication and collaboration: Foster open communication and collaboration among team members involved in the hardware and software tasks. Clearly communicate roles, responsibilities, and expectations to ensure alignment and minimise misunderstandings.
•  Quality assurance: Implement quality assurance measures to verify that the hardware and software tasks are completed to the required standards. This may involve conducting testing, validation, and verification procedures to ensure functionality, reliability, and performance.

By addressing these considerations when confirming a work brief related to conducting hardware and software tasks, organisations can effectively plan, execute, and deliver successful outcomes while minimising risks and maximising efficiency.

Example: Assessing hardware quality standards

The following steps can be followed by network technicians to ensure that an enterprise network’s hardware and peripherals meet necessary quality standards and safety regulations, and can identify opportunities for enhancing performance and reliability.

• Review WHS regulations: The network technician reviews Work Health and Safety (WHS) regulations and organisational policies to understand the safety requirements for conducting a hardware assessment in the server room.
• Identify hardware quality standards: The technician researches and identifies the applicable hardware quality standards and guidelines, ensuring they align with Australian regulatory requirements.
• Develop assessment checklist: Based on the identified standards and regulations, the technician develops a checklist or criteria for assessing the quality of the hardware and peripherals.
• Conduct on-site inspections: The technician conducts on-site inspections of the hardware and peripheral devices, evaluating their quality, safety features, and compliance with the established standards.
• Document assessment findings: After the inspection, the technician documents the findings, including any non-compliance issues or recommendations for improvement, following organisational reporting procedures.
• Review documentation and compare against benchmarks: Finally, the technician reviews the documentation of their findings and compares the performance and quality of the organisation’s hardware and peripherals against industry benchmarks.

Practice activity

Scenario: John, a network administrator at SecureNet Corp, is tasked with conducting a hardware quality assessment for their high-security network. The network comprises of several routers, switches, servers, and firewalls. The assessment involves checking the health and performance of each hardware component, identifying potential issues, and ensuring they are all up-to-date with the latest firmware.

Outline how John should do the following according to the work brief in the scenario.

• Plan, prioritise and sequence the complex tasks involved in this assessment
• Accept responsibility for the complex tasks and workload involved.

Answer: Expand the following sections to understand how John would successfully conduct the hardware quality assessment.

How Did You Go?

Congratulations on completing the topic Understanding high security networks .

In this topic, you learnt about:

• Network hardware and peripherals
• Network systems and software
• Hardware and software quality standards

Knowledge Check

Complete the following six (6) activities to check your understanding of the key concepts discussed in this topic. You may repeat this activity as often as you like. Use the arrows to move between the different activities.